Dependency Review #15

	# Code generated by kickr; DO NOT EDIT.

	name: Dependency Review
	run-name: Dependency Review

	on:
	pull_request:
	types:
	- opened
	- reopened
	- synchronize
	- ready_for_review

	permissions:
	contents: read

	jobs:
	dependency-review:
	name: Dependency Review
	runs-on: ubuntu-latest
	if: ${{ !github.event.pull_request.draft }}
	permissions:
	pull-requests: write
	steps:
	# https://docs.stepsecurity.io/harden-runner/workflow-runs
	# https://github.com/marketplace/actions/harden-runner
	- uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
	with:
	disable-sudo-and-containers: true
	egress-policy: audit
	- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
	# https://github.com/marketplace/actions/dependency-review
	- uses: actions/dependency-review-action@595b5aeba73380359d98a5e087f648dbb0edce1b # v4.7.3
	with:
	comment-summary-in-pr: always

Provide feedback